View yubikey-setup.txt
Decent links:
* https://github.com/drduh/YubiKey-Guide
* https://blog.josefsson.org/2014/06/23/offline-gnupg-master-key-and-subkeys-on-yubikey-neo-smartcard/
* http://stafwag.github.io/blog/blog/2015/06/16/using-yubikey-neo-as-gpg-smartcard-for-ssh-authentication/
* Or just google for gpg, yubikey, ssh, there is a lot of guides.
## The GPG setup
View signin-aws
#!/bin/bash
# This script expects AWS credentials:
# SIGNIN_AWS_ACCESS_KEY_ID
# SIGNIN_AWS_SECRET_ACCESS_KEY
# And optionally the TOTP entry name in your yubikey
# SIGNIN_AWS_YUBIKEY_OATH_NAME
# Put these environment variables into your .bashrc.local (or .bashrc, if you
# don't sync dot-files). In your .bashrc you'll also want:
# alias signin-aws='eval `signin-aws`'
View README.md
View jsone-light.js
import _ from 'lodash';
import assert from 'assert';
// Render string given context
let renderString = (value, context) => {
return value.replace(/\${([^}]+)}/g, (expr, key) => {
if (context[key] === undefined) {
throw new Error('Undefined variable referenced in: ' + expr);
}
if (!_.includes(['number', 'string'], typeof(context[key]))) {
View actions-utils.js
import _ from 'lodash';
import Ajv from 'ajv';
import assert from 'assert';
import taskcluster from 'taskcluster-client';
let data = {}; // TODO: Load actions.json from decision task
if (data.version > 1) {
throw Error('Unsupported version of public/actions.json');
}
View actions-schema.yml
$schema: http://json-schema.org/draft-04/schema#
id: https://hg.mozilla.org/mozilla-central/raw-file/tip/taskcluster/docs/actions-schema.yml
title: Schema for Exposing Actions
description: |
This document specifies the schema for the `public/actions.json` used by
_decision tasks_ to expose actions that can be triggered by end-users.
For the purpose of this document the _consumer_ is the user-interface that
displays task results to the end-user and allows end-users to trigger actions
defined by `public/actions.json`. A _consumer_ might be Treeherder.
View simple-expression-language
{
// Save parse options as context
var context = options;
}
Expression
= _ e:LogicalExpression _ { return e; }
LogicalExpression
= l:ComparisonExpression _ '||' _ r:LogicalExpression { return l || r; }
View cot.json
{
"id": "http://schemas.taskcluster.net/common/v1/cot.json#",
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Chain of Trust Artifact",
"description": "COT-artifact for verfication of tasks",
"type": "object",
"properties": {
"chainOfTrustVersion": {"enum": [1]},
"artifacts": {
"additionalProperties": {
View README.md

How to use this

  1. Find a task on treeherder
  2. Use the "inspect-task" link to get to the task-inspector
  3. Use the "one-click-loaner" link to get a loaner task
  4. Click the taskId of the loaner task
  5. List artifacts
  6. Find "private/docker-worker/shell.html"
  7. Right click and copy URL (ensure that you are logged into the tools.taskcluster.net with an LDAP user with commit level 1)
View package.json
{
"private": true,
"dependencies": {
"docker-exec-websocket-server": "^1.3.1"
}
}